There is no doubt in my mind (nor in the minds of many of our satisfied customers and partners) that IPsec can and does provide an powerful and (yes!) flexible foundation to build networking security solutions on top of. Heck, we've been illustrating that for a number of years now with things like remote access VPNs, Server and Domain Isolation and with Network Access Protection coming in Longhorn Server.
There's also no doubt in my mind that many of you believe deploying IPsec is challenging and requires some additional functionality to match your specific deployment needs.
Well, we've heard you loud and clear!
Among the long list of great innovations and updates to the platform networking features of Windows Vista and Windows Server "Longhorn", IPsec has received a lot of attention. One of the areas of innovation is our AuthIP (Authenticated IP) extensions to the IKE (Internet Key Exchange) portion of the IPsec standards.
AuthIP helps both simplify policy management and expands the number of authentication options you have at your disposal when creating IPsec policies as part of an IPsec-based solution (can I mention IPsec any more times in one sentence?).
Our favorite pal "The Cable Guy" dedicated his August article to AuthIP in Windows Vista. I encourage to give it a read and learn why there will be one less reason not to deploy IPsec-based solutions. Gone will be the excuse, "it's really tough to creating policies" <g>
Oh yeah, we finally have Client-to-DC support...that's a really cool one!